TheRegister's platform is a leading technology news website, offering insights into IT industry news, hardware reviews, and software updates. Through articles, analysis, and opinion pieces, TheRegister offers insights into cybersecurity threats, technology trends, and industry developments. Readers can stay updated with the latest news and analysis from the world of technology and IT business.

The Register

Microsoft patched nine vulnerabilities in Windows Administrator Protection before its general release, all reported by Google Project Zero researcher James Forshaw. The bugs allowed attackers to bypass the new security feature and silently grant themselves admin privileges. The most significant flaw exploited how Windows handles DOS device object directories for user sessions, leveraging a UAC bypass Forshaw had known about for years but only became exploitable with the new Administrator Protection feature. The vulnerability involved manipulating token ownership and forcing the kernel to create directories under attacker control, effectively circumventing the least-privilege security model.

Old Windows quirks help punch through new admin defenses